package wsp.dailymarket.obj;

import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;
import javax.annotation.Resource;
import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ManagedProperty;
import javax.faces.bean.RequestScoped;
import javax.faces.context.FacesContext;
import javax.sql.DataSource;
import wsp.dailymarket.auth.AuthenticationBean;

/**
 * Bean representing a request to change a user's password
 * @author Matt
 */
@ManagedBean(name="changePasswordBean")
@RequestScoped
public class ChangePasswordBean {

	@Resource(name="jdbc/dmderby")
	private DataSource ds;

	private String oldPassword;
	private String newPassword;
	private String newPasswordConfirm;
	@ManagedProperty(value="#{authenticationBean}")
	private AuthenticationBean authBean;

	public ChangePasswordBean() {
		this.oldPassword = "";
		this.newPassword = "";
		this.newPasswordConfirm = "";
	}

	public void setOldPassword(String newValue) {
		this.oldPassword = newValue;
	}

	public String getOldPassword() {
		return this.oldPassword;
	}

	public void setNewPassword(String newValue) {
		this.newPassword = newValue;
	}

	public String getNewPassword() {
		return this.newPassword;
	}

	public void setNewPasswordConfirm(String newValue) {
		this.newPasswordConfirm = newValue;
	}

	public String getNewPasswordConfirm() {
		return this.newPasswordConfirm;
	}

	public void setAuthBean(AuthenticationBean newValue) {
		this.authBean = newValue;
	}

	public String doChangePassword() {
		if (!this.newPassword.equals(this.newPasswordConfirm)) {
			FacesMessage msg = new FacesMessage();
			msg.setSeverity(FacesMessage.SEVERITY_ERROR);
			msg.setSummary("Passwords do not match!");
			FacesContext.getCurrentInstance().addMessage("new_password_confirm", msg);
			return null;
		}

		Connection conn = null;
		try {
			try {
				conn = ds.getConnection();
				Statement stmt = conn.createStatement();
				String sql = "UPDATE APP.CLIENTS SET password='"
						+ this.newPassword
						+ "' WHERE client_id = '"
						+ this.authBean.getAuthentication().getUserID()
						+ "' AND password = '"
						+ this.oldPassword
						+ "'";
				if (stmt.executeUpdate(sql) == 1) {
					FacesMessage msg = new FacesMessage();
					msg.setSeverity(FacesMessage.SEVERITY_INFO);
					msg.setSummary("Password changed!");
					FacesContext.getCurrentInstance().addMessage(null, msg);
					return authBean.getProfileOutcome();
				} else {
					FacesMessage msg = new FacesMessage();
					msg.setSeverity(FacesMessage.SEVERITY_ERROR);
					msg.setSummary("Incorrect old password.");
					FacesContext.getCurrentInstance().addMessage(null, msg);
					return null;
				}
			} finally {
				if (conn != null) conn.close();
			}
		} catch (SQLException ex) {
			ex.printStackTrace(System.err);
			FacesMessage msg = new FacesMessage();
			msg.setSeverity(FacesMessage.SEVERITY_FATAL);
			msg.setSummary("Database Error");
			FacesContext.getCurrentInstance().addMessage(null, msg);
			return null;
		}
	}

}
